Vulnerability Development mailing list archives

Re: Vlans


From: Tim Salus <tsalus () CBOSS COM>
Date: Thu, 18 Jan 2001 15:26:46 -0800

I read the information at deja.com and other sources. The problem with
all of this is you have to be on the same segment as the switched device
(i.e., the firewall outside interface). When the packets come through the
router, the MAC address on the packet is the router's. Therefore, if the
outside address is connected to a COLO's switch such as Exodus, and the
interface on your router going to the firewall is connected to your
switch, and the firewall outside interface is on the same VLAN as the
router's interface, then the only MAC the switch will see is the router's.
With this in mind, how can you do a MAC flood on the switch?

I did much research on this and I duplicated some attacks but I had to
be on segment and no router between me and the switch. The address for
the switch is in the 10 network range and connected to another router.


Knowing how routers work shows why this exploit will not work from the
Internet.

Cisco books do say what VLANs were created for, but common sense tells
you that you can only subvert functionality so far.

Therefore, please explain to me and others how you can subvert the routes
and the switch to do a MAC overflow.
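
The argument in the message above, modelled as an added example that is not part of the original post: a router rebuilds the Ethernet header on every packet it forwards, so a learning switch behind it records one source MAC no matter how many remote senders there are. All class names, MAC addresses and IP addresses are constructed for illustration.

```python
"""Toy model of source-MAC learning on a switch behind a router (constructed)."""
from dataclasses import dataclass, field

ROUTER_MAC = "02:00:00:00:00:01"     # router interface facing the switch (constructed)
FIREWALL_MAC = "02:00:00:00:00:02"   # firewall outside interface (constructed)
FIREWALL_IP = "203.0.113.10"         # documentation-range address (constructed)
ROUTER_PORT, HOST_PORT = 1, 7        # switch ports (constructed)


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str


@dataclass
class LearningSwitch:
    """Records the source MAC of each frame against its ingress port."""
    cam: dict = field(default_factory=dict)  # MAC -> port

    def receive(self, port: int, frame: Frame) -> None:
        self.cam[frame.src_mac] = port


def route(frame: Frame, egress_mac: str, next_hop_mac: str) -> Frame:
    """Forward at layer 3: the IP header survives, the Ethernet header is rebuilt."""
    return Frame(egress_mac, next_hop_mac, frame.src_ip, frame.dst_ip)


def simulate(n_senders: int, routed: bool) -> dict:
    """Return the switch's MAC table after n_senders distinct hosts each send one frame."""
    switch = LearningSwitch()
    for i in range(n_senders):
        sender_mac = f"02:aa:00:00:{i >> 8:02x}:{i & 0xff:02x}"
        frame = Frame(sender_mac, ROUTER_MAC, f"198.51.100.{i + 1}", FIREWALL_IP)
        if routed:
            # Sender is beyond the router: the switch only sees the re-framed packet.
            switch.receive(ROUTER_PORT, route(frame, ROUTER_MAC, FIREWALL_MAC))
        else:
            # Sender is on the same segment: its own MAC reaches the switch.
            switch.receive(HOST_PORT, frame)
    return switch.cam


if __name__ == "__main__":
    print("routed senders   ->", len(simulate(200, routed=True)), "table entry")
    print("on-segment hosts ->", len(simulate(200, routed=False)), "table entries")
```
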

